HackDig : Dig high-quality web security articles for hacker

Today Google shut down Google Code, because GitHub has taken over that market. GitHub won not because Git is a better version-control system, but because it became a social-media website like Facebook and Twitter. Geeks like me express ourselves through our code. My GitHub account contains my projects just like Blogger contains my blogs or Twitter contains my tweets.

To be sure, Git's features are important. The idea of forking a repo fundamentally changed who was in control. Previously, projects were run with tight control. Those in power either accepted or rejected changes made by others. If your changes were rejected, you could just fork the project, making it your own version, with your own changes. That's the beauty of open-source: by making their source open, the original writers lost the ability to stop you from making changes.

However, forking was discouraged by the community. That's because it split efforts. When forks became popular, some people would contribute to one fork, while others would contribute to the other. Drama was a constant factor in popular open-source projects over the evil people who "hurt" projects by forking them.

But with Git, forking is now encouraged. Indeed, that's now the first step in contributing changes to a project. You fork it, make changes to your own version, then ask the original project to pull your changes from your fork.

This caused an explosion in social coding. Look at the average coder's GitHub account and you'll see a bunch of forked projects, plus a bunch of their original projects forked by others. For example, on my GitHub account, you'll see my Masscan project which 395 people have forked. You'll also see that I've forked and made a change to SecureDrop, a project for secure submissions by leakers to newspapers. I found a vulnerability, so I submitted a fix for it. The original project didn't accept my pull request, but instead just completely rewrote that part of the code.

Sometimes when I write blog posts, I include code. That code is on GitHub. When I hacked the Lenovo/Superfish key for example, I had to write a small password cracker for SSL certificate files. I just put it on GitHub. Others have forked it. Since it was a quick and dirty project, I put the comment "DON'T JUDGE ME" in the code. So somebody forked it and simply committed a change saying "...not judging". As I said: GitHub makes coding social.

Like blog posts, Facebook posts, or Tweets, people can post comments. An example of this was a pull request to libuv (an important networking library) that simply changed a comment from using the gendered pronoun "he" to a neutral "they". This resulted in a long comment chain as people debated this.

I sometimes write blogposts that go viral and get a million hits. I sometimes write tweets that go viral and get passed around everywhere. The same is true of GitHub. When I announced my Masscan project, it went viral, and was the "top trending project" on GitHub for a day. That they even track such a thing shows yet again how they are a social media site.

FedEx is famous for saying that what it really sells is procrastination. It's not that they can overnight something in an emergency, it's that you can wait until the last moment to send something. The same is true of the Internet. The tendency is to believe that a website is solely what it claims, that GitHub won with better version control, as this Wired article claims. That's not true. GitHub won because it made the solitary task of coding extremely social. GitHub won because it enabled anti-social Asperger coders to express themselves through their code.